CVE-2026-3366

IBM InfoSphere Optim Test Data Fabrication 1.0.0, 1.0.0.1, 1.0.0.2, 1.0.2, 1.0.2.2, 1.0.2.3, 1.0.2.4, 1.0.2.5, 1.0.2.6, 1.0.2.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view...

EUVD-2026-32274

IBM InfoSphere Optim Test Data Fabrication 1.0.0, 1.0.0.1, 1.0.0.2, 1.0.2, 1.0.2.2, 1.0.2.3, 1.0.2.4, 1.0.2.5, 1.0.2.6, 1.0.2.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view...

Security Bulletin: IBM InfoSphere Optim Archive Viewer is affected by multiple vulnerabilities in jsPDF (CVE-2026-24040, CVE-2026-24043, CVE-2026-24133, CVE-2026-24737)

Summary Multiple vulnerabilities in the jsPDF library used by IBM InfoSphere Optim Archive Viewer have been addressed by upgrading the library to version 4.0.0. Vulnerability Details CVEID:CVE-2026-24040 DESCRIPTION: jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, the addJS...

Security Bulletin: IBM InfoSphere Optim Archive Viewer is affected by vulnerabilities in urllib3 (CVE-2025-50181, CVE-2025-50182)

Summary Vulnerabilities in the urllib3 library CVE-2025-50181, CVE-2025-50182 used by IBM InfoSphere Optim Archive Viewer have been addressed by upgrading the library to version 2.6.3. Vulnerability Details CVEID:CVE-2025-50181 DESCRIPTION: urllib3 is a user-friendly HTTP client library for Pytho...

EUVD-2013-2893

Malware in sbrugna...

EUVD-2015-1999

Malware in sbrugna...

EUVD-2015-2000

Malware in sbrugna...

CVE-2013-2953

IBM InfoSphere Optim Data Growth for Oracle E-Business Suite 6.x, 7.x, and 9.x before 9.1.0.3 relies on the MD5 algorithm for signatures in X.509 certificates, which makes it easier for man-in-the-middle attackers to spoof SSL servers via a crafted certificate...

Security Bulletin: Multiple vulnerabilities in IBM Infosphere Optim Data Growth for Oracle E-Business Suite (CVE-2013-0577, CVE-2013-0579, CVE-2013-0580)

Abstract Multiple vulnerabilities exist in the Optim E-Business Console that can allow an attacker to view sensitive information, perform actions as an impersonated legitimate user, or upload, modify or delete web pages or scripts on the server. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-057...

Security Bulletin: Multiple vulnerabilities exist in IBM Data Studio Web Console, Optim Performance Manager, IBM InfoSphere Optim Configuration Manager, and DB2 Recovery Expert for Linux, UNIX and Windows (CVE-2013-4025, CVE-2013-4024, CVE-2013-4022)

Abstract Multiple vulnerabilities exist in IBM Data Studio Web Console, Optim Performance Manager, IBM InfoSphere Optim Configuration Manager, and DB2 Recovery Expert for Linux, UNIX and Windows which could allow an attacker to view sensitive information or perform actions as a compromised user...

Security Bulletin: InfoSphere Optim Performance Manager affected by vulnerability in IBM JAVA JRE (CVE-2013-0169)

Abstract IBM InfoSphere Optim Performance Manager uses the IBM Java Runtime Environment JRE and is affected by a vulnerability in the IBM JRE. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-0169 DESCRIPTION: The TLS protocol does not properly consider timing side-channel attacks, which allows...

Security Bulletin:An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded, JRockit JCE component could affect IBM InfoSphere Optim Performance Manager CVE-2018-2783

Summary An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded, JRockit Security component could allow an unauthenticated attacker to cause high confidentiality impact, high integrity impact, and no availability impact. Vulnerability Details CVEID: CVE-2018-2783...

Security Bulletin:Eclipse OpenJ9 could allow a local attacker to gain elevated privileges on the system and The IBM Java Runtime Environment's Diagnostic Tooling Framework for Java does not protect against CVE-2018-1656 and CVE-2018-12539

Summary The IBM Java Runtime Environment's Diagnostic Tooling Framework for Java DTFJ IBM SDK, Java Technology Edition 6.0, 7.0, and 8.0 does not protect against path traversal attacks when extracting compressed dump files. IBM X-Force ID: 144882. And Eclipse OpenJ9 could allow a local attacker t...

Security Bulletin: An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded, JRockit JNDI component could affect IBM InfoSphere Optim Performance Manager. CVE-2018-2633 CVE-2018-2603 CVE-2018-2579

Summary An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded, JRockit JNDI component could allow an unauthenticated attacker to take control of the system. An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded, JRockit Libraries...

Security Bulletin: An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded, JRockit JCE component could affect IBM InfoSphere Optim Performance Manager CVE-2017-10115 CVE-2017-10116

Summary An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded, JRockit JCE component could allow an unauthenticated attacker to obtain sensitive information resulting in a high confidentiality impact using unknown attack vectors, and allow an unauthenticated...

Security Bulletin: Vulnerability in RC4 stream cipher affects IBM InfoSphere Optim Performance Manager (CVE-2015-2808)

Summary The RC4 “Bar Mitzvah” Attack for SSL/TLS affects IBM InfoSphere Optim Performance Manager. Vulnerability Details CVEID: CVE-2015-2808 DESCRIPTION: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker...

Security Bulletin: Security vulnerabilities affecting IBM InfoSphere Optim Performance Manager (CVE-2015-1916, CVE-2015-0488)

Summary This advisory covers all the issues disclosed by Oracle in their April 2015 Critical Patch Update CPU, plus additional CVEs which are specific to the IBM JRE/SDK. Vulnerability Details CVE-2015-1916 Description: Server applications which use the IBM Java Secure Socket Extension provider t...

Security Bulletin: Vulnerability in Apache Xerces-C XML parser, including XML4C affects IBM InfoSphere Optim Masking On Demand

Summary Open Source Xerces-C XML parser vulnerability affects IBM InfoSphere Optim Masking On Demand Data Privacy components. Vulnerability Details CVEID: CVE-2016-0729 DESCRIPTION: Apache Xerces-C XML Parser library is vulnerable to a denial of service, caused by improper bounds checking during...

Security Bulletin: Vulnerability in Apache Xerces-C XML parser, including XML4C affects IBM InfoSphere Optim Data Growth & Test Data Management & Application Retirement

Summary Open Source Xerces-C XML parser vulnerability affects IBM InfoSphere Optim Data Growth & Test Data Management & Application Retirement, also known as the server components. Vulnerability Details CVEID: CVE-2016-0729 DESCRIPTION: Apache Xerces-C XML Parser library is vulnerable to a denial...

Security Bulletin: A Vulnerability in IBM Java Runtime Affects Optim Data Growth, Test Data Management and Application Retirement

Summary There is a vulnerabilitiy in IBM® Runtime Environment Java™ Version 6 and IBM® Runtime Environment Java™ Version 8 used by Optim Data Growth, Test Data Management and Application Retirement. This issue was disclosed as part of the IBM Java SDK updates in October 2017. Vulnerability Detail...